package com.mgg.auth.config;

import com.mgg.auth.authentication.mobile.MobileSecurityConfigure;
import com.mgg.auth.constant.SecurityConstants;
import com.mgg.auth.authentication.openid.OpenIdSecurityConfigure;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.social.security.SpringSocialConfigurer;


/**
 * @Author: lijun
 * @Date: 2018/9/3 21:41
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter{

    @Autowired
    private SpringSocialConfigurer mggSocialSecurityConfig;

    @Autowired
    private MobileSecurityConfigure mobileSecurityConfigure;

    @Autowired
    private OpenIdSecurityConfigure openIdSecurityConfigure;

    @Autowired
    private ValidateCodeSecurityConfig validateCodeSecurityConfig;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .apply(validateCodeSecurityConfig)
                .and()
                .apply(mobileSecurityConfigure)
                .and()
                .apply(mggSocialSecurityConfig)
                .and()
                .apply(openIdSecurityConfigure)
                .and()
                .authorizeRequests()
                .antMatchers(
                        SecurityConstants.LOGIN_PROCESSING_URL_MOBILE,
                        SecurityConstants.LOGIN_PROCESSING_URL_OPENID,
                        SecurityConstants.VALIDATE_CODE_SEND_URL,
                        "/sso/*")
                .permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .csrf().disable();
    }
}
